/*
   Copyright (c) 2002-10, Andrew McNab, University of Manchester
   All rights reserved.

   Redistribution and use in source and binary forms, with or
   without modification, are permitted provided that the following
   conditions are met:

     o Redistributions of source code must retain the above
       copyright notice, this list of conditions and the following
       disclaimer.
     o Redistributions in binary form must reproduce the above
       copyright notice, this list of conditions and the following
       disclaimer in the documentation and/or other materials
       provided with the distribution.

   THIS SOFTWARE IS PROVIDED BY THE COPYRIGHT HOLDERS AND
   CONTRIBUTORS "AS IS" AND ANY EXPRESS OR IMPLIED WARRANTIES,
   INCLUDING, BUT NOT LIMITED TO, THE IMPLIED WARRANTIES OF
   MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE ARE
   DISCLAIMED. IN NO EVENT SHALL THE COPYRIGHT OWNER OR CONTRIBUTORS
   BE LIABLE FOR ANY DIRECT, INDIRECT, INCIDENTAL, SPECIAL,
   EXEMPLARY, OR CONSEQUENTIAL DAMAGES (INCLUDING, BUT NOT LIMITED
   TO, PROCUREMENT OF SUBSTITUTE GOODS OR SERVICES; LOSS OF USE,
   DATA, OR PROFITS; OR BUSINESS INTERRUPTION) HOWEVER CAUSED AND ON
   ANY THEORY OF LIABILITY, WHETHER IN CONTRACT, STRICT LIABILITY,
   OR TORT (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY
   OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE
   POSSIBILITY OF SUCH DAMAGE.
*/

/*---------------------------------------------------------------*
 * For more about GridSite: http://www.gridsite.org/             *
 *---------------------------------------------------------------*/

/*
 * Public declarations of the GridSite library: return codes, the logging
 * hook, the GACL access-control types and functions, X.509 / proxy / VOMS
 * helpers, HTTP body helpers, ASN.1 helpers and HTCP message helpers.
 *
 * Most prototypes below omit parameter names, so the meaning of individual
 * arguments, buffer ownership and NULL handling cannot be read from this
 * header; where a comment guesses, it says so.
 */

#ifndef HEADER_GRIDSITE_H
#define HEADER_GRIDSITE_H

/* NOTE(review): the leading zero makes 010500 an octal integer constant in C
   (decimal 4416). Compare GRST_VERSION only with constants written the same
   way; a version component of 8 or 9 would not be a valid octal constant. */
#ifndef GRST_VERSION
#define GRST_VERSION 010500
#endif

#ifdef __cplusplus
extern "C" {
#endif

/* Define GRST_NO_OPENSSL before including this header to leave out the
   OpenSSL includes and every prototype that uses an OpenSSL type. */
#ifndef GRST_NO_OPENSSL

#ifndef HEADER_SSL_H
#include <openssl/ssl.h>
#endif

#ifndef HEADER_CRYPTO_H
#include <openssl/crypto.h>
#endif

#endif

/* The guard names tested here are the ones some C libraries (e.g. glibc)
   define in their own headers; where they are not defined the include
   simply always happens. */
#ifndef _TIME_H
#include <time.h>
#endif

#ifndef _STDIO_H
#include <stdio.h>
#endif

#ifndef _STDINT_H
#include <stdint.h>
#endif

#ifndef FALSE
#define FALSE (0)
#endif
#ifndef TRUE
#define TRUE (!FALSE)
#endif

/* Return codes. GRST_RET_OK is 0; the failure codes start at 1000. */

// Everything ok (= OpenSSL X509_V_OK)
#define GRST_RET_OK		0

// Failed for unspecified reason
#define GRST_RET_FAILED		1000

// Failed to find certificate in some cert store / directory
#define GRST_RET_CERT_NOT_FOUND	1001

// Bad signature
#define GRST_RET_BAD_SIGNATURE	1002

// No such file or directory
#define GRST_RET_NO_SUCH_FILE	1003

/* We use && now rather than if so this macro can be used inside if...else
   but that means the function must return an int rather than be void */
/* Because of the short-circuit &&, the macro's arguments are not evaluated
   when GRSTerrorLogFunc is NULL, so do not rely on side effects in them.
   NOTE(review): the first variadic argument lands in the hook's fourth
   parameter (char *), which looks like a printf-style format. Pass a literal
   format and hand untrusted text over as an argument, never as the format
   itself; confirm against the installed hook. */
#define GRSTerrorLog(GRSTerrorLevel, ...) ((GRSTerrorLogFunc != NULL) && ((GRSTerrorLogFunc)(__FILE__, __LINE__, GRSTerrorLevel, __VA_ARGS__)))

/* Logging hook called by GRSTerrorLog with (file, line, level, ...). It is
   only declared here; the macro treats NULL as "no logger installed". */
extern int (*GRSTerrorLogFunc)(char *, int, int, char *, ...);

/* these levels are the same as Unix syslog() and Apache ap_log_error() */

#define GRST_LOG_EMERG   0
#define GRST_LOG_ALERT   1
#define GRST_LOG_CRIT    2
#define GRST_LOG_ERR     3
#define GRST_LOG_WARNING 4
#define GRST_LOG_NOTICE  5
#define GRST_LOG_INFO    6
#define GRST_LOG_DEBUG   7

/* Largest time value the library uses, fixed at INT32_MAX whatever the width
   of time_t. Read as seconds since the Unix epoch that is 19 January 2038.
   NOTE(review): presumably used as the "never expires" notafter; code that
   compares validity periods should expect this ceiling. */
#define GRST_MAX_TIME_T	 INT32_MAX

/* One credential of a user or of an ACL entry, identified by an
   attribute URI (auri) with a validity window and two level fields.
   next is an untyped link; presumably it points to the following
   GRSTgaclCred of a singly linked list (the compiler cannot check this). */
typedef struct { char                      *auri;
                 int			    delegation;
                 int			    nist_loa;
                 time_t			    notbefore;
                 time_t			    notafter;
                 void                      *next;     } GRSTgaclCred;

/* used by pre-AURI GRSTgaclCred structs */
__attribute__ ((deprecated))
typedef struct { char                      *name;
                 char                      *value;
                 void                      *next;     } GRSTgaclNamevalue;

typedef int                GRSTgaclAction;
/* Bit mask built from the GRST_PERM_* values below. */
typedef unsigned int       GRSTgaclPerm;

/* One ACL entry: a credential list plus the permission bits it allows and
   the bits it denies. How allow and deny combine across entries is decided
   by the GRSTgaclAclTest*() functions, not by this header. */
typedef struct { GRSTgaclCred   *firstcred;
                 GRSTgaclPerm    allowed;
                 GRSTgaclPerm    denied;
                 void           *next;      } GRSTgaclEntry;

typedef struct { GRSTgaclEntry *firstentry; } GRSTgaclAcl;

typedef struct { GRSTgaclCred *firstcred; char *dnlists; } GRSTgaclUser;

/* Permission bits. GRST_PERM_ALL (31) is the OR of the five single bits. */
#define GRST_PERM_NONE   0
#define GRST_PERM_READ   1
#define GRST_PERM_EXEC   2
#define GRST_PERM_LIST   4
#define GRST_PERM_WRITE  8
#define GRST_PERM_ADMIN 16
#define GRST_PERM_ALL   31

/* DO NOT USE PermIsNone!! */
/* It expands to exactly the same test as GRSTgaclPermHasNone below; the
   header gives no reason for the warning. */
#define GRSTgaclPermIsNone(perm)    ((perm) == 0)

/* Each Has* macro is true when the named bit is set in perm, regardless of
   any other bits; HasNone is true only when no bit is set. */
#define GRSTgaclPermHasNone(perm)    ((perm) == 0)
#define GRSTgaclPermHasRead(perm)  (((perm) & GRST_PERM_READ ) != 0)
#define GRSTgaclPermHasExec(perm)  (((perm) & GRST_PERM_EXEC ) != 0)
#define GRSTgaclPermHasList(perm)  (((perm) & GRST_PERM_LIST ) != 0)
#define GRSTgaclPermHasWrite(perm) (((perm) & GRST_PERM_WRITE) != 0)
#define GRSTgaclPermHasAdmin(perm) (((perm) & GRST_PERM_ADMIN) != 0)

#define GRST_ACTION_ALLOW 0
#define GRST_ACTION_DENY  1

/* File names and default locations used by the library. The two absolute
   paths are compile-time defaults under /etc/grid-security. */
#define GRST_HIST_PREFIX  ".grsthist"
#define GRST_ACL_FILE     ".gacl"
#define GRST_DN_LISTS     "/etc/grid-security/dn-lists"
#define GRST_RECURS_LIMIT 9

/* Dotted-decimal object identifiers of the certificate extensions named by
   each macro (1.3.6.1.5.5.7.1.14 is the RFC 3820 proxyCertInfo extension,
   2.5.29.15 is X.509 keyUsage), plus the default VOMS directory. */
#define GRST_PROXYCERTINFO_OLD_OID	"1.3.6.1.4.1.3536.1.222"
#define GRST_PROXYCERTINFO_OID	"1.3.6.1.5.5.7.1.14"
#define GRST_VOMS_OID           "1.3.6.1.4.1.8005.100.100.5"
#define GRST_VOMS_PK_CERT_LIST_OID           "1.3.6.1.4.1.8005.100.100.10"
#define GRST_VOMS_DIR           "/etc/grid-security/vomsdir"
#define GRST_KEYUSAGE_OID	"2.5.29.15"

#define GRST_ASN1_MAXCOORDLEN 50
#define GRST_ASN1_MAXTAGS     500

/* One parsed ASN.1 tag. treecoords holds up to GRST_ASN1_MAXCOORDLEN
   characters plus one more byte (presumably the terminating NUL).
   start, headerlength and length are plain int.
   NOTE(review): when the input is an untrusted certificate, check these
   values against the real buffer size before indexing with them; how the
   parser bounds them is not visible here. */
struct GRSTasn1TagList { char treecoords[GRST_ASN1_MAXCOORDLEN+1];
                         int  start;
                         int  headerlength;
                         int  length;
                         int  tag; } ;

#define GRST_X509_SERIAL_DIGITS 49

/* One element of a certificate chain (CA, end-entity or proxy certificate,
   or a VOMS attribute). type takes a GRST_CERT_TYPE_* value; errors is
   presumably an OR of the GRST_CERT_BAD_* bits below. */
typedef struct { int    type;		/* CA, user, proxy, VOMS, ... */
                 int    errors;		/* unchecked, bad sig, bad time */
                 char   *issuer;	/* Cert CA DN, EEC of PC, or VOMS DN */
                 char   *dn;		/* Cert DN, or VOMS AC holder DN */
                 char   *value;		/* VOMS FQAN or NULL */
                 time_t notbefore;
                 time_t notafter;
                 int    delegation;	/* relative to END of any chain */
                 char   serial[GRST_X509_SERIAL_DIGITS+1];
                 char   *ocsp;		/* accessLocation field */
                 void   *raw;		/* X509 or VOMS Extension object */
                 void   *next; } GRSTx509Cert;

/* Error bits for GRSTx509Cert.errors; each value is a distinct power of two. */
#define GRST_CERT_BAD_FORMAT 1
#define GRST_CERT_BAD_CHAIN  2
#define GRST_CERT_BAD_SIG    4
#define GRST_CERT_BAD_TIME   8
#define GRST_CERT_BAD_OCSP  16

#define GRST_CERT_TYPE_CA    1
#define GRST_CERT_TYPE_EEC   2
#define GRST_CERT_TYPE_PROXY 3
#define GRST_CERT_TYPE_VOMS  4

/* a chain of certs, starting from the first CA */
typedef struct { GRSTx509Cert *firstcert; } GRSTx509Chain;

/* Chain loading and checking. All three return int, presumably GRST_RET_OK
   or a failure code; confirm in the implementation. Callers should check
   the result and the per-certificate errors field before trusting any DN
   taken from a chain. */
#ifndef GRST_NO_OPENSSL
int GRSTx509CertLoad(GRSTx509Cert *, X509 *);
int GRSTx509ChainLoadCheck(GRSTx509Chain **, STACK_OF(X509) *, X509 *, char *, char *);
#endif
int GRSTx509ChainFree(GRSTx509Chain *);

/* Default port numbers. 777 and 488 are below 1024, which on most Unix
   systems requires privilege to bind. */
#define GRST_HTTP_PORT		777
#define GRST_HTTPS_PORT		488
#define GRST_HTCP_PORT		777
#define GRST_GSIFTP_PORT	2811

/* HTCP opcodes used by this library: NOP and TST. */
#define GRSThtcpNOPop 0
#define GRSThtcpTSTop 1

/* HTCP counted string: two length bytes (most significant first) followed
   by the text. text[1] is the pre-C99 trailing-array idiom, so sizeof covers
   a single text byte. Nothing here says the text is NUL-terminated: take
   the length from GRSThtcpCountstrLen and check it against the size of the
   received message before reading text. */
typedef struct { unsigned char length_msb;
                 unsigned char length_lsb;
                 char          text[1]; } GRSThtcpCountstr;

/* 16-bit length of a counted string. Evaluates its argument twice. */
#define GRSThtcpCountstrLen(string) (256*((string)->length_msb) + (string)->length_lsb)

/* An HTCP message: fixed header fields followed by pointers to its counted
   strings. The order and packing of the bit-fields are implementation-defined
   in C, so this struct is not a portable image of the wire format.
   NOTE(review): the GRSThtcpCountstr pointers presumably point into the
   buffer given to GRSThtcpMessageParse; confirm lifetime in the parser. */
typedef struct { unsigned char total_length_msb;
                 unsigned char total_length_lsb;
                 unsigned char version_msb;
                 unsigned char version_lsb;
                 unsigned char data_length_msb;
                 unsigned char data_length_lsb;
                 unsigned int  response : 4;
                 unsigned int  opcode   : 4;
                 unsigned int  rr       : 1;
                 unsigned int  f1       : 1;
                 unsigned int  reserved : 6;
                 unsigned int  trans_id;	/* must be 4 bytes */
                 GRSThtcpCountstr *method;
                 GRSThtcpCountstr *uri;
                 GRSThtcpCountstr *version;
                 GRSThtcpCountstr *req_hdrs;
                 GRSThtcpCountstr *resp_hdrs;
                 GRSThtcpCountstr *entity_hdrs;
                 GRSThtcpCountstr *cache_hdrs;   } GRSThtcpMessage;

/*
 * GACL access-control API.
 *
 * The commented-out #define lines record the older GACL* name of each
 * function. Some of them name a function that differs from the prototype
 * that follows (for example GRSTgaclCredPrint against GRSTgaclCredCredPrint,
 * or GRSTgaclFileLoadAcl against GRSTgaclAclLoadFile); the prototype is the
 * name that is actually declared.
 */
int GRSTgaclInit(void);

__attribute__ ((deprecated))
GRSTgaclCred *GRSTgaclCredNew(char *);

GRSTgaclCred *GRSTgaclCredCreate(char *, char *);

__attribute__ ((deprecated))
int	GRSTgaclCredAddValue(GRSTgaclCred *, char *, char *);

/* Field accessors for GRSTgaclCred. They dereference cred without a NULL
   check; each Set macro evaluates to the value it assigned. */
#define GRSTgaclCredGetAuri(cred) ((cred)->auri)

#define GRSTgaclCredSetNotBefore(cred, time) ((cred)->notbefore = (time))
#define GRSTgaclCredGetNotBefore(cred) ((cred)->notbefore)

#define GRSTgaclCredSetNotAfter(cred, time) ((cred)->notafter = (time))
#define GRSTgaclCredGetNotAfter(cred) ((cred)->notafter)

#define GRSTgaclCredSetDelegation(cred, level) ((cred)->delegation = (level))
#define GRSTgaclCredGetDelegation(cred) ((cred)->delegation)

#define GRSTgaclCredSetNistLoa(cred, level) ((cred)->nist_loa = (level))
#define GRSTgaclCredGetNistLoa(cred) ((cred)->nist_loa)

/* #define GACLfreeCred(x)	GRSTgaclCredFree((x)) */
int        GRSTgaclCredFree(GRSTgaclCred *);

/*  #define GACLaddCred(x,y)	GRSTgaclEntryAddCred((x),(y)) */
int        GRSTgaclEntryAddCred(GRSTgaclEntry *, GRSTgaclCred *);

/*  #define GACLdelCred(x,y)	GRSTgaclEntryDelCred((x),(y)) */
int        GRSTgaclEntryDelCred(GRSTgaclEntry *, GRSTgaclCred *);

/*  #define GACLprintCred(x,y)	GRSTgaclCredPrint((x),(y)) */
int        GRSTgaclCredCredPrint(GRSTgaclCred *, FILE *);

int	   GRSTgaclCredCmpAuri(GRSTgaclCred *, GRSTgaclCred *);

/*  #define GACLnewEntry(x)	GRSTgaclEntryNew((x)) */
GRSTgaclEntry *GRSTgaclEntryNew(void);

/*  #define GACLfreeEntry(x)	GRSTgaclEntryFree((x)) */
int        GRSTgaclEntryFree(GRSTgaclEntry *);

/*  #define GACLaddEntry(x,y)	GRSTgaclAclAddEntry((x),(y)) */
int        GRSTgaclAclAddEntry(GRSTgaclAcl *, GRSTgaclEntry *);

/*  #define GACLprintEntry(x,y)	GRSTgaclEntryPrint((x),(y)) */
int        GRSTgaclEntryPrint(GRSTgaclEntry *, FILE *);


/*  #define GACLprintPerm(x,y)	GRSTgaclPermPrint((x),(y)) */
int        GRSTgaclPermPrint(GRSTgaclPerm, FILE *);

/*  #define GACLallowPerm(x,y)	GRSTgaclEntryAllowPerm((x),(y)) */
int        GRSTgaclEntryAllowPerm(GRSTgaclEntry *, GRSTgaclPerm);

/*  #define GACLunallowPerm(x,y) GRSTgaclEntryUnallowPerm((x),(y)) */
int        GRSTgaclEntryUnallowPerm(GRSTgaclEntry *, GRSTgaclPerm);

/*  #define GACLdenyPerm(x,y)	GRSTgaclEntryDenyPerm((x),(y)) */
int        GRSTgaclEntryDenyPerm(GRSTgaclEntry *, GRSTgaclPerm);

/*  #define GACLundenyPerm(x,y)	GRSTgaclEntryUndenyPerm((x),(y)) */
int        GRSTgaclEntryUndenyPerm(GRSTgaclEntry *, GRSTgaclPerm);

/*  #define GACLpermToChar(x)	GRSTgaclPermToChar((x)) */
char      *GRSTgaclPermToChar(GRSTgaclPerm);

/*  #define GACLcharToPerm(x)	GRSTgaclPermFromChar((x)) */
GRSTgaclPerm   GRSTgaclPermFromChar(char *);

/*  #define GACLnewAcl(x)	GRSTgaclAclNew((x)) */
GRSTgaclAcl   *GRSTgaclAclNew(void);

/*  #define GACLfreeAcl(x)	GRSTgaclAclFree((x)) */
int        GRSTgaclAclFree(GRSTgaclAcl *);

/*  #define GACLprintAcl(x,y)	GRSTgaclAclPrint((x),(y)) */
int        GRSTgaclAclPrint(GRSTgaclAcl *, FILE *);

/*  #define GACLsaveAcl(x,y)	GRSTgaclAclSave((y),(x)) */
int        GRSTgaclAclSave(GRSTgaclAcl *, char *);

/* The load functions return a pointer; a caller must treat NULL (or
   whatever the implementation returns on failure) as "no ACL loaded" and
   decide explicitly what access that implies. */
/*  #define GACLloadAcl(x)	GRSTgaclFileLoadAcl((x)) */
GRSTgaclAcl   *GRSTgaclAclLoadFile(char *);

/*  #define GACLfindAclForFile(x) GRSTgaclFileFindAclname((x)) */
char      *GRSTgaclFileFindAclname(char *);

/*  #define GACLloadAclForFile(x) GRSTgaclFileLoadAcl((x)) */
GRSTgaclAcl   *GRSTgaclAclLoadforFile(char *);

/*  #define GACLisAclFile(x)	GRSTgaclFileIsAcl((x)) */
int        GRSTgaclFileIsAcl(char *);


/*  #define GACLnewUser(x)	GRSTgaclUserNew((x)) */
GRSTgaclUser *GRSTgaclUserNew(GRSTgaclCred *);

/*  #define GACLfreeUser(x)	GRSTgaclUserFree((x)) */
int        GRSTgaclUserFree(GRSTgaclUser *);

/*  #define GACLuserAddCred(x,y) GRSTgaclUserAddCred((x),(y)) */
int        GRSTgaclUserAddCred(GRSTgaclUser *, GRSTgaclCred *);

/*  #define GACLuserHasCred(x,y) GRSTgaclUserHasCred((x),(y)) */
int        GRSTgaclUserHasCred(GRSTgaclUser *, GRSTgaclCred *);

__attribute__ ((deprecated))
int        GRSTgaclUserSetDNlists(GRSTgaclUser *, char *);

int        GRSTgaclUserLoadDNlists(GRSTgaclUser *, char *);

/*  #define GACLuserFindCredType(x,y) GRSTgaclUserFindCredtype((x),(y)) */
GRSTgaclCred *GRSTgaclUserFindCredtype(GRSTgaclUser *, char *);

__attribute__ ((deprecated))
int GRSTgaclDNlistHasUser(char *, GRSTgaclUser *);

int GRSTgaclUserHasAURI(GRSTgaclUser *, char *);

/* Authorization decisions: both functions take an ACL and a user and return
   a GRSTgaclPerm bit mask. Test the result with the GRSTgaclPermHas*()
   macros; the difference between the two is not visible in this header. */
/*  #define GACLtestUserAcl(x,y) GRSTgaclAclTestUser((x),(y)) */
GRSTgaclPerm   GRSTgaclAclTestUser(GRSTgaclAcl *, GRSTgaclUser *);

/*  #define GACLtestExclAcl(x,y) GRSTgaclAclTestexclUser((x),(y)) */
GRSTgaclPerm   GRSTgaclAclTestexclUser(GRSTgaclAcl *, GRSTgaclUser *);

/* URL coding helpers. Each takes and returns char *; who owns the returned
   string is not stated here, so check the implementation before freeing. */
char      *GRSThttpUrlDecode(char *);

/*  #define GACLurlEncode(x) GRSThttpUrlEncode((x)) */
char      *GRSThttpUrlEncode(char *);

/*  #define GACLmildUrlEncode(x) GRSThttpMildUrlEncode((x)) */
char      *GRSThttpUrlMildencode(char *);

int GRSTx509NameCmp(char *, char *);

#ifndef GRST_NO_OPENSSL
int GRSTx509KnownCriticalExts(X509 *);

int GRSTx509IsCA(X509 *);
int GRSTx509CheckChain(int *, X509_STORE_CTX *);
/* Has the (int, X509_STORE_CTX *) shape of an OpenSSL verify callback. */
int GRSTx509VerifyCallback(int, X509_STORE_CTX *);

__attribute__ ((deprecated))
int GRSTx509GetVomsCreds(int *, int, size_t, char *, X509 *, STACK_OF(X509) *, char *);

__attribute__ ((deprecated))
GRSTgaclCred *GRSTx509CompactToCred(char *);

__attribute__ ((deprecated))
int GRSTx509CompactCreds(int *, int, size_t, char *, STACK_OF(X509) *, char *, X509 *);
#endif

/* Proxy certificate, proxy key and delegation helpers.
   NOTE(review): by their names several of these locate, create or destroy
   cached proxies and their private keys. Where the files live and with what
   permissions is decided in the implementation, not in this header. */
char *GRSTx509CachedProxyFind(char *, char *, char *);
char *GRSTx509FindProxyFileName(void);
int GRSTx509MakeProxyCert(char **, FILE *, char *, char *, char *, int);
char *GRSTx509CachedProxyKeyFind(char *, char *, char *);
int GRSTx509ProxyDestroy(char *, char *, char *);
int GRSTx509ProxyGetTimes(char *, char *, char *, time_t *, time_t *);
int GRSTx509CreateProxyRequest(char **, char **, char *);
int GRSTx509MakeProxyRequest(char **, char *, char *, char *);

char *GRSTx509MakeDelegationID(void);

#ifndef GRST_NO_OPENSSL
int GRSTx509StringToChain(STACK_OF(X509) **, char *);
char *GRSTx509MakeProxyFileName(char *, STACK_OF(X509) *);
#endif

int GRSTx509CacheProxy(char *, char *, char *, char *);

#define GRST_HEADFILE   "gridsitehead.txt"
#define GRST_FOOTFILE   "gridsitefoot.txt"
#define GRST_ADMIN_FILE "gridsite-admin.cgi"

/* HTTP response body assembled as a linked list of text chunks:
   GRSThttpCharsList is one chunk, GRSThttpBody keeps a size plus the first
   and last chunk. */
typedef struct { char *text;
                 void *next; } GRSThttpCharsList;

typedef struct { size_t             size;
                 GRSThttpCharsList *first;
                 GRSThttpCharsList *last;  } GRSThttpBody;

/* NOTE(review): GRSThttpPrintf's second parameter looks like a printf-style
   format. Keep it a literal and pass request-derived text as an argument.
   This header declares URL encoders but no HTML-escaping helper, so text
   that ends up in a page must be escaped by the caller. */
void  GRSThttpBodyInit(GRSThttpBody *);
void  GRSThttpPrintf(GRSThttpBody *, char *, ...);
int   GRSThttpCopy(GRSThttpBody *, char *);
void  GRSThttpWriteOut(GRSThttpBody *);
int   GRSThttpPrintHeaderFooter(GRSThttpBody *, char *, char *);
int   GRSThttpPrintHeader(GRSThttpBody *, char *);
int   GRSThttpPrintFooter(GRSThttpBody *, char *);
char *GRSThttpGetCGI(char *);

/* ASN.1 helpers working on arrays of struct GRSTasn1TagList. The int
   arguments are presumably array sizes and counts; confirm against the
   implementation, and size taglist arrays with GRST_ASN1_MAXTAGS. */
time_t GRSTasn1TimeToTimeT(char *, size_t);
int    GRSTasn1SearchTaglist(struct GRSTasn1TagList taglist[], int, char *);
#ifndef GRST_NO_OPENSSL
int    GRSTasn1ParseDump(BIO *, unsigned char *, long,
                         struct GRSTasn1TagList taglist[], int, int *);
#endif
int    GRSTasn1GetX509Name(char *, int, char *, char *,
                           struct GRSTasn1TagList taglist[], int);

/* HTCP message construction and parsing. The Make functions hand a buffer
   and its length back through the char ** / int * arguments (presumably
   allocated by the callee). GRSThtcpMessageParse takes a raw buffer and an
   int, presumably its length; the buffer is network input, so a caller
   should pass the number of bytes actually received and check the result
   before following any pointer in the message. */
int    GRSThtcpNOPrequestMake(char **, int *, unsigned int);
int    GRSThtcpNOPresponseMake(char **, int *, unsigned int);
int    GRSThtcpTSTrequestMake(char **, int *, unsigned int, char *, char *, char *);
int    GRSThtcpTSTresponseMake(char **, int *, unsigned int, char *, char *, char *);
int    GRSThtcpMessageParse(GRSThtcpMessage *, char *, int);

/* JavaScript snippet for embedding in generated pages; a build can supply
   its own by defining GRST_PASSCODE_JS first. changeValue() fills an empty
   "passcode" field of the named form from the GRIDHTTP_PASSCODE cookie, and
   getCookie() reads that cookie out of document.cookie.
   NOTE(review): because the script reads the cookie itself, the cookie
   cannot be marked HttpOnly while this snippet is in use, so any other
   script running in the same origin can read the passcode too. getCookie()
   finds the name with indexOf(), which also matches a cookie whose name
   merely ends in the requested name, and it decodes with unescape(), which
   is deprecated in JavaScript. */
#ifndef GRST_PASSCODE_JS
//#define __GRST_PASSCODE_JS__
#define GRST_PASSCODE_JS "<script type=\"text/javascript\" language=\"Javascript\"><!--\nfunction changeValue(formName){ if( document.forms[formName].passcode.value==\"\" ) document.forms[formName].passcode.value=getCookie(\"GRIDHTTP_PASSCODE\"); return true; } \nfunction getCookie(c_name){ if (document.cookie.length>0) { c_start=document.cookie.indexOf(c_name + \"=\"); if (c_start!=-1) { c_start=c_start + c_name.length+1; c_end=document.cookie.indexOf(\";\",c_start); if (c_end==-1) c_end=document.cookie.length; return unescape(document.cookie.substring(c_start,c_end)); }} return \"\"; } \n -->\n</script>"
#endif

#ifdef __cplusplus
} // extern "C"
#endif

#endif // HEADER_GRIDSITE_H